Yubico Forum
https://forum.yubico.com/

Import existing GPG key fails
https://forum.yubico.com/viewtopic.php?f=26&t=2783

Author:  lightpedals [ Wed Nov 15, 2017 1:41 am ]
Post subject:  Import existing GPG key fails

Hello. Looking for advice/next steps please. Thank you in advance for your support.

I am following the directions at https://forum.yubico.com/viewtopic.php?f=26&t=1344 and appear to get an error message when moving the application to the key.

Code:
#  LD_LIBRARY_PATH=/usr/local/lib gpshell gpinstall.txt
mode_211
enable_trace
establish_context
card_connect
select -AID a000000003000000
Command --> 00A4040008A000000003000000
Wrapped command --> 00A4040008A000000003000000
Response <-- 6F658408A000000003000000A5599F6501FF9F6E06479112103800734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040255650B06092B8510864864020103660C060A2B060104012A026E01029000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
Command --> 80CA006600
Wrapped command --> 80CA006600
Response <-- 664C734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040255650B06092B8510864864020103660C060A2B060104012A026E01029000
Command --> 8050000008F3C6C2CDC1162A6700
Wrapped command --> 8050000008F3C6C2CDC1162A6700
Response <-- 0000431904101093281202020001C9BF790CAA61212540D1962D3ACD9000
mutual_authentication() returns 0x80302000 (The verification of the card cryptogram failed.)


# gpg-connect-agent --hex "scd apdu 00 f1 00 00" /bye
gpg-connect-agent: no running gpg-agent - starting '/usr/bin/gpg-agent'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to agent established
D[0000]  01 00 11 90 00                                     .....           
OK


# gpg2 --card-status
Reader ...........: 1050:0111:X:0
Application ID ...: D2760001240102000006063451650000
Version ..........: 2.0
Manufacturer .....: Yubico
Serial number ....: 06345165
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]


# gpg2 --edit-key 60F09683
gpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa2048/60F09683
     created: 2017-11-15  expires: 2021-01-01  usage: SC 
     trust: unknown       validity: ultimate
ssb  rsa2048/ED0017E3
     created: 2017-11-15  expires: 2021-01-01  usage: E   
[ultimate] (1). xxxxxxxxxxxxxxxxxxxxx <xxxxxxx@xxxxxx.com>

gpg> toggle

sec  rsa2048/60F09683
     created: 2017-11-15  expires: 2021-01-01  usage: SC 
     trust: unknown       validity: ultimate
ssb  rsa2048/ED0017E3
     created: 2017-11-15  expires: 2021-01-01  usage: E   
[ultimate] (1). xxxxxxxxxxxxxxxxxxxxx <xxxxxxx@xxxxxx.com>


gpg> key 1

sec  rsa2048/60F09683
     created: 2017-11-15  expires: 2021-01-01  usage: SC 
     trust: unknown       validity: ultimate
ssb* rsa2048/ED0017E3
     created: 2017-11-15  expires: 2021-01-01  usage: E   
[ultimate] (1). xxxxxxxxxxxxxxxxxxxxx <xxxxxxx@xxxxxx.com>


gpg> keytocard
Please select where to store the key:
   (2) Encryption key
Your selection? 2
gpg: KEYTOCARD failed: Operation cancelled

gpg>
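
As an added illustration (not part of the original post, and not Yubico or gpshell code), the following decodes the INITIALIZE UPDATE exchange from the gpshell trace above. It assumes the SCP02 response layout from the GlobalPlatform card specification; the function and field names are hypothetical.

```python
from dataclasses import dataclass

# Values copied from the gpshell trace in the post above.
INIT_UPDATE_CMD = "8050000008F3C6C2CDC1162A6700"
INIT_UPDATE_RSP = "0000431904101093281202020001C9BF790CAA61212540D1962D3ACD9000"


@dataclass
class InitUpdate:
    requested_key_version: int   # P1 of the command (0 = card default)
    host_challenge: bytes        # 8 random bytes chosen by the host
    diversification_data: bytes  # 10 bytes, card specific
    card_key_version: int        # key set the card actually used
    scp_id: int                  # secure channel protocol identifier
    sequence_counter: bytes      # 2 bytes, SCP02 only
    card_challenge: bytes        # 6 bytes in SCP02
    card_cryptogram: bytes       # 8 bytes the host must reproduce
    status_word: int


def parse_init_update(cmd_hex: str, rsp_hex: str) -> InitUpdate:
    cmd, rsp = bytes.fromhex(cmd_hex), bytes.fromhex(rsp_hex)
    if len(cmd) < 13 or cmd[:2] != b"\x80\x50" or cmd[4] != 8:
        raise ValueError("not an INITIALIZE UPDATE with an 8-byte challenge")
    if len(rsp) < 2:
        raise ValueError("response shorter than a status word")
    body, sw = rsp[:-2], int.from_bytes(rsp[-2:], "big")
    if sw != 0x9000:
        raise ValueError(f"card returned status word {sw:04X}")
    if len(body) != 28:
        raise ValueError(f"expected 28 data bytes, got {len(body)}")
    if body[11] != 0x02:
        raise ValueError(f"SCP02 layout only, card reports SCP{body[11]:02X}")
    return InitUpdate(
        requested_key_version=cmd[2],
        host_challenge=cmd[5:13],
        diversification_data=body[0:10],
        card_key_version=body[10],
        scp_id=body[11],
        sequence_counter=body[12:14],
        card_challenge=body[14:20],
        card_cryptogram=body[20:28],
        status_word=sw,
    )


if __name__ == "__main__":
    parsed = parse_init_update(INIT_UPDATE_CMD, INIT_UPDATE_RSP)
    for name, value in vars(parsed).items():
        shown = value.hex().upper() if isinstance(value, bytes) else f"{value:#04x}"
        print(f"{name:22} {shown}")
```

The card's reply ends in status word 9000, so the 0x80302000 error comes from the host-side comparison of the card cryptogram rather than from the card. The decoded reply also shows the card answering with key version 0x02 and SCP identifier 0x02 to a request sent with key version 0x00.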

All times are UTC + 1 hour